The invention relates generally to a system and method for controlling access to information stored at a plurality of sites, and more specifically to a secure externally authorized peer-to-peer network system that can be accessed over an intranet or the Internet.
Prior to the networking of computers and the subsequent electronic sharing of data via networked computers, there was a natural barrier to sharing, due to the need to physically copy the data and then physically deliver it to the recipient. This required actions by some person or persons and allowed direct intervention when the transfer was not reasonable, proper, or secure. With the advent of sharing via networked computers, data can be shared without any human participation in the process. It is of major benefit to replicate the former built-in ability of a person to intercede and block unreasonable or disallowed data transfer by designing an analogous capability into any electronic data sharing process.
The current approach to all data security is to provide log-in security for those wishing to access and work with the data within a particular data repository. For in-house systems, this is usually adequate. For data shared across an enterprise, the security becomes a larger challenge since, without additional controls, every valid log-in on the enterprise has access to all of the data available to the enterprise. The complexity comes when the data involves any third party. In many cases the local database enterprise and a third party share joint ownership of some information stored in the database. Examples of shared ownership include employee payroll information, healthcare records, and banking records.
With these records, the local enterprise, which manages the data repository, usually puts in place policies concerning the use and sharing of the data with other data repositories and external data subscribers. The problem with this approach is that it rarely reflects the wishes of the individual entities to whom the data pertains.
A trend in the industry, which further damages one's ability to maintain the privacy and security of one's data stored in a data repository, is the creation of aggregate data access systems. An aggregate data system merges the data access from multiple sources, giving all of the users of the individual data systems access to all of the data that formerly resided in independent, discrete repositories. As long as a single corporation owns all of the data systems in question, a data access policy can be imposed. However, when data exists at multiple organizations which do not have a common ownership, it is almost impossible to guarantee that any data access policy is met, no matter how sensitive the data. It is unreasonable for the entity that shares ownership of the data to attempt to direct the data repository owner's internal use of the data. On the other hand, it is completely reasonable to demand control of the sharing of that data with third parties, within one's legal right to do so.
The problem to be solved is how to provide a method that allows the entity sharing ownership of the data to gain control of the authorization process used to enable sharing of that data outside of the data repository owner's organization.